By Topic

Implement role based access control with attribute certificates

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Wei Zhou ; University of Trier ; C. Meinel

Nowadays more and more activities are performed over the Internet. But as more people are involved in the transaction circle, security and authorization control becomes one of the biggest concerns. Hence, We are motivated by the need 10 manage and to enforce a strong authorization mechanism in large-scale web-environment. Role based access control (RBAC) provides some flexibility to security management. Public key infrastructure (PKI) can provide a strong authentication. Privilege management infrastructure (PMI) as a new technology can provide strong authorization. In order to satisfy mentioned security requirements, we have established a role based access control infrastructure and developed a prototype that uses X.509 public key certificates (PKCs) and attribute certificates (ACs). Access control is performed by access control policies that are written in XML. Policies and roles are stored in ACs. PKCs and AO are all stored in LDAP servers. A new solution for policy management is described. The main components of the prototype are administration tool and access control engine. The access control engine provides a service that mediates the data between the users and the resources, which is also responsible for authentication and authorization. The administration tool can create key pairs, PKCs and ACs, manage users' information, and so on.

Published in:

Advanced Communication Technology, 2004. The 6th International Conference on  (Volume:1 )

Date of Conference:

9-11 Feb. 2004